﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using SRM.DataObjects;
using System.Data;
using System.Web.Security;

namespace SRM
{
    public partial class LoginForm : System.Web.UI.Page
    {
        public DataTable Applicant { get; set; }
        public string ApplicantKey { get; set; }

        protected void Page_Load(object sender, EventArgs e)
        {
            #region Setup Position (if any else unsolicited)

            if ((Session["RequisitionKey"] == null) && (Request.QueryString["pos"] == null))
            {
                Session["RequisitionKey"] = SRM_Requisition.GetUnsolicitedRequisitionKey();
            }
            else
            {
                string requisitionKey = string.Empty;

                if ((string.IsNullOrEmpty(requisitionKey)) && (Session["RequisitionKey"] != null))
                    requisitionKey = Session["RequisitionKey"].ToString().Trim();

                if (Request.QueryString["pos"] != null)
                    requisitionKey = Request.QueryString["pos"].Trim();

                Session["RequisitionKey"] = requisitionKey.ToString();
            }

            #endregion Setup Position (if any else unsolicited)
        }

        protected void Login_Button_Click(object sender, EventArgs e)
        {
            // Compute MD5 hash for input password
            string inputMD5 = Help.ComputeMD5(Password_TextBox.Text);

            // Fetch record in database
            string emailAddress = Email_TextBox.Text.Trim();
            DataTable dtApplicantAccount = SRM_Applicant.GetApplicantAccount(emailAddress);
            if ((dtApplicantAccount != null) && (dtApplicantAccount.Rows.Count > 0))
            {
                // Compare MD5
                if (inputMD5 == dtApplicantAccount.Rows[0]["Password"].ToString())
                {
                    Session["ApplicantKey"] = dtApplicantAccount.Rows[0]["ApplicantKey"].ToString();
                    Session["EmailAddress"] = emailAddress;
                    Session["Stage"] = dtApplicantAccount.Rows[0]["Stage"].ToString();

                    this.ApplicantKey = Session["ApplicantKey"].ToString();
                    this.hdn_applicantKey.Value = Session["ApplicantKey"].ToString();
                    this.hdn_UseSAPCode.Value = "1";
                    int applicantKey = int.Parse(Session["ApplicantKey"].ToString());
                    this.Applicant = SRM_Applicant.GetApplicant(applicantKey);

                    string username = emailAddress;
                    bool isPersistent = true;
                    string userData = string.Empty;

                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
                        username,
                        DateTime.Now,
                        DateTime.Now.AddMinutes((int)FormsAuthentication.Timeout.TotalMinutes),
                        isPersistent, 
                        userData,
                        FormsAuthentication.FormsCookiePath);

                    // Encrypt the ticket.
                    string encTicket = FormsAuthentication.Encrypt(ticket);

                    // Create the cookie.
                    Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));

                    Response.Redirect(FormsAuthentication.GetRedirectUrl(username, isPersistent));
                }
                else
                {
                    // Display error message
                    ErrorMessage_Literal.Text = "Invalid credentials.";
                }
            }
            else
            {
                // Display error message
                ErrorMessage_Literal.Text = "Invalid credentials.";
            }
        }
    } // public partial class ApplicantForm : System.Web.UI.Page

} // namespace SRM